Authors: partner, head of audit services Mart Nõmper and legal adviser Lee Laanemäe
In Estonia the auditor’s activities are regulated by Auditors Activities Act. Conditions, when a company has an obligation to conduct audit or review, come also from the Auditors Activities Act. But the question arises, what happens if the auditor makes a mistake? Which is the auditor’s liability in case when the auditor does not notice discrepancies in the report or hides them intentionally? How much help can the injured party expect from the insurer?
In the light of the Auditors Activities Act it is necessary to distinguish auditor and audit firm from each other. An audit firm is a sworn auditors’ firm (i.e. a company, where one of its activities’ is the provision of sworn auditor’s professional service) or a sworn auditor acting through sole proprietor. An audit firm bears proprietary liability for the direct proprietary damage wrongfully caused to a client or third party by provision of audit service, however, the maximum liability limit is ten times the client contract fee. The maximum liability limit shall not be applied in the case of damage caused by gross negligence or deliberate damaging.
Hereby it is important that the proprietary liability shall be caused wrongfully. The types of culpability are carelessness, gross negligence and intent. Carelessness is failure to exercise necessary care, gross negligence is failure to exercise necessary care to a material extent and intent is the will to bring about an unlawful consequence upon the creation, performance or termination of an obligation. In other words, it is necessary to prove that the auditor was careless in fulfilling its obligations or even hid something intentionally and it brings auditor’s liability. Carelessness and gross negligence are applicable if for example the auditor has not exercised due diligence, which is stipulated in Handbook of the Code of Ethics for Professional Accountants. For example, according to the previously mentioned code of ethics the auditor has to be honest, objective and confidential. An auditor cannot leave out or hide required information, if this kind of exclusion or hiding is misleading. In addition, the auditor cannot submit wrong or misleading statements.
For example, in the Supreme Court’s 23.12.2005 decision no 3-1-1-139-05 clause 2.4. the court found that the accountant of the company prepared and signed income tax return, in which the requirements arising from Income Tax Act were ignored, and the auditors did not point out the wrongful usage of tax law. According to this, it would have been possible to submit claim for damages against the auditor.
Liability arising from the Auditors Activities Act
In practice the auditors’ liability is implemented also in misdemeanors. Such misdemeanor compositions are stipulated in the 10th chapter in the Auditors Activities Act. For example, violation of the requirements for the preservation or destruction of documents is punishable by a fine of up to 300 fine units. The auditor can be punished by a fine up to 200 fine units also when the auditor has not concluded a written contract with the client or does not agree on the duration of the audit in the contract.
Criminal liability means commission of an offence. The strictest liability for auditor itself derives from the Penal Code. The Penal Code states that a sworn auditor who in a report fails to submit or incorrectly submits significant facts which became known to him or her in the conduct of an audit is punishable by a pecuniary punishment or up to one year's imprisonment. The prohibited act assumes that significant facts have become known to the auditor, which he or she has failed to submit or submitted incorrectly. It means that in that case the auditor shall be aware, that he or she fails to submit the significant facts in the report or submits them incorrectly. However, the Penal Code clause does not probably apply when it has been an unintentional mistake. Nevertheless, in such a case the act may be held civilly liable (e.g. in case of carelessness or gross negligence).
The disciplinary proceedings shall be commenced on the basis of the results of an investigation or quality control, a precept issued by the Ministry of Finance or any other document or information, which gives a reason to believe that the member of the Board of Auditors has committed a disciplinary offence. Acts, which turn out to be disciplinary offences, are individually stipulated in law, inter alia e.g. submission or disclosure of incorrect or misleading information, disclosure of incorrect or misleading advertisements or operation without professional liability insurance.
How much does the insurance help?
The existence of a professional liability insurance contract of an audit firm is required by Auditors Activities Act for securing compensation for direct proprietary damage caused by the provision of audit services. Audit firms are required to have significantly higher assurance coverage than self-employed auditors. The insurance coverage in a professional liability insurance contract of an audit firm shall be at least ten times the amount of the fees of the two biggest client contracts of the last ended activity report period, but not less than 64,000 euros for one insured event and ten times the amount of the fees of the three biggest client contracts of the last ended activity report period, but not less than 64,000 euros for all the claims submitted in a year.
The Board of Auditors has drawn the attention of its members to the fact that the aggregate statistics on statutory professional indemnity benefits for auditors paid by insurance companies operating in Estonia in 2010–2018 show that a company with a smaller number of sworn auditors may not always have sufficient capacity to meet its client’s reasonable and extensive claim for damages in case of a claim exceeding the insurance cover and in concluding the insurance contract it should not always follow the minimum requirements set out in the Auditors Activities Act.
It appears from the statistics that since 2016, the insurance companies have indemnified the losses caused by auditors on the basis of compulsory professional indemnity in a constantly increasing amount. In 2018 the total amount of the insurance benefits was 130,000 euros. At the same time, in 2014 and 2015, the amount of compensation for damages caused by auditors was 0 euros, thus, the indemnification has constantly and rapidly increased.
The quality of Estonian auditors’ activity is good and has improved over time. When choosing an auditor, the client has the right to expect, that he or she shall receive high quality service from the auditor and assurance that if the auditor makes a mistake, the auditor is liable, and the insurance shall help to compensate the caused damages of the client. Thereby, it is worth noting for both the auditor and the client that in the event of major losses, the auditor’s professional indemnity insurance is not sufficient.
 Handbook of the Code of Ethics for Professional Accountants (Estonia) (incl. independence standard). Available: https://www.audiitorkogu.ee/uploads/Uued%202019%20kehtima%20hakkavad%20standardid/Eetikakoodeks%20Eesti.pdf (29.04.2020).